Privacy Policy

Introduction

ArchData is committed to protecting your privacy and ensuring the security of your personal data. This Privacy Policy explains how we collect, use, process, and protect information when you visit our website or use our services.

We comply with the General Data Protection Regulation (GDPR), the Cyprus Data Protection Law, and other applicable data protection regulations. As a data controller, we take our responsibilities seriously and implement appropriate measures to safeguard your information.

Data Collection

We collect personal data through various channels when you interact with our website and services. The information we collect includes:

Information You Provide

Contact Information: Name, email address, phone number, company name when you submit inquiries through our contact form
Communication Data: Content of messages you send us, including project details and technical requirements
Professional Information: Business role, industry sector, and organizational details relevant to service provision

Automatically Collected Information

Technical Data: IP address, browser type and version, operating system, device identifiers
Usage Data: Pages visited, time spent on pages, navigation paths, click patterns
Cookie Data: Information stored through cookies and similar technologies (see our Cookie Policy)

Analytics Information

We use Google Analytics to understand website performance and user behavior. This includes aggregated statistics about visitor demographics, interests, and interaction patterns. Analytics data is collected in accordance with our cookie consent preferences.

Legal Basis for Processing

Under GDPR, we process personal data based on the following legal grounds:

Consent

For marketing communications and non-essential cookies, we rely on your explicit consent, which you can withdraw at any time.

Contract Performance

Processing necessary to provide services you have requested or to enter into a service agreement with you.

Legitimate Interests

For website analytics, security monitoring, and business improvements, balanced against your privacy rights.

Legal Obligations

To comply with tax, accounting, and other legal requirements in Cyprus and the EU.

How We Use Your Data

We process personal data for specific, explicit, and legitimate purposes:

Service Delivery: To respond to inquiries, provide consultations, and deliver data architecture services
Communication: To send responses to your questions, project updates, and service-related notifications
Website Improvement: To analyze usage patterns and optimize website performance and user experience
Marketing: To send relevant information about our services (only with your consent)
Security: To protect against fraud, unauthorized access, and other security threats
Compliance: To meet legal and regulatory obligations in Cyprus and the EU

Data Sharing and Disclosure

We do not sell personal data to third parties. We may share your information with:

Service Providers

Third-party vendors who assist with website hosting, analytics (Google Analytics), email delivery, and other operational services. These providers are contractually bound to protect your data and use it only for specified purposes.

Professional Advisors

Legal, accounting, and other professional advisors when necessary for business operations or legal compliance.

Legal Requirements

Government authorities, regulators, or law enforcement when required by law, court order, or to protect our legal rights.

Data Retention

We retain personal data only for as long as necessary to fulfill the purposes for which it was collected:

Contact Form Submissions: Retained for 24 months from last contact or until you request deletion
Client Project Data: Retained for 7 years to comply with accounting and tax regulations
Analytics Data: Retained for 26 months in accordance with Google Analytics settings
Marketing Consent: Retained until consent is withdrawn or for 36 months of inactivity
Cookie Data: Retention periods vary by cookie type (see Cookie Policy)

Data Security

We implement appropriate technical and organizational measures to protect personal data against unauthorized access, alteration, disclosure, or destruction:

Encryption: All data transmission uses SSL/TLS encryption protocols
Access Controls: Strict authentication and authorization mechanisms limit data access to authorized personnel
Monitoring: Regular security audits and monitoring for suspicious activity
Staff Training: Regular training on data protection principles and security practices
Incident Response: Documented procedures for responding to data breaches and security incidents

Your Rights

Under GDPR and Cyprus data protection law, you have the following rights regarding your personal data:

Right to Access

Request confirmation of whether we process your data and obtain a copy of your personal information.

Right to Rectification

Request correction of inaccurate or incomplete personal data.

Right to Erasure

Request deletion of your personal data when it is no longer necessary or if you withdraw consent.

Right to Restriction

Request limitation of processing in certain circumstances, such as during accuracy disputes.

Right to Data Portability

Receive your data in a structured, commonly used format and transmit it to another controller.

Right to Object

Object to processing based on legitimate interests or for direct marketing purposes.

Right to Withdraw Consent

Withdraw consent at any time for processing based on consent, without affecting prior processing.

Right to Lodge a Complaint

File a complaint with the Cyprus Commissioner for Personal Data Protection or your local supervisory authority.

To exercise your rights, contact us through our contact form or at:

45 Gladstonos Street, 3040 Limassol, Cyprus

Phone: +357 25 487 926

We will respond to your request within 30 days of verification of your identity.

Your Rights and Opt-Out Instructions

You are not required to provide any personal information when using this website. If you prefer not to share your data, you may:

Avoid filling out contact forms, account registrations, or any data-submitting features
Disable cookies through your browser settings (see our Cookie Policy for more details)
Contact us directly to request the deletion of any previously shared personal data

We respect your privacy choices. If you would like us to delete your data, please reach out to us at the contact details provided on our contact page. We will process your request promptly.

International Data Transfers

Our website infrastructure and some service providers may be located outside Cyprus or the European Economic Area. When we transfer data internationally, we ensure appropriate safeguards are in place:

Standard Contractual Clauses approved by the European Commission
Transfers to countries with adequacy decisions from the EU Commission
Other legally recognized transfer mechanisms under GDPR Article 46

Children's Privacy

Our services are directed at business professionals and organizations. We do not knowingly collect personal data from individuals under 18 years of age. If we become aware that we have collected data from a minor without parental consent, we will take steps to delete such information promptly.

Changes to This Policy

We may update this Privacy Policy periodically to reflect changes in our practices, technology, legal requirements, or other factors. We will notify you of material changes by updating the "Last Updated" date and, where appropriate, through email or website notifications. We encourage you to review this policy regularly.